
Help for novel - email interception

I'm writing a thriller, set in 2007, and have the scenario that one person in a government building wants to access (undetected) the email of another person in that building. They are both of a senior level, and the one who wants to read the email has access to some very clever hackers/IT specialists (but can't use the CIA/FBI because it's all very illegal). I don't want enough detail to do it, just whether it is feasible and, if so, with enough hints to make it sound plausible, e.g. would the hacker have to visit the building.

Sorry if I've chosen the wrong site or thread, but it is security and I am a newbie here...

Yes you have a security question, and I have seen several similar requests over the years where someone has seen something in a film or read it in a novel and wondered if it was feasible.

You say that they are both senior (presumably civil servants) and are in the same building. I would guess that means that they are on the same network and use the same mail server?

e.g. would the hacker have to visit the building.

Well, they are both in it already, so what I guess you are asking is would it take physical access to the mail server and/or client computer? Or could it be done remotely?

The answer is almost certainly "yes". How would depend on the setup, and security (not noted in government establishments) in place.

Can we have a bit more background?

If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?

Yes, they are civil servants based in Washington. Essentially the story is about trying to find out if an ex-general (now a civil servant) can be trusted in the investigation of a corrupt army officer in Afghanistan, or whether he is actually involved. Because the other civil servant can't trust the CIA etc. in the circumstances (out-ranked) he is using a less-than-legal bunch of people to help him out. These are world-class criminals with a lot of resources to hand.

Is that enough background? I just need to be able to sketch out him asking for help and the bunch of criminals (he's worked with them before) delivering the solution.

I will assume that this is a typical government or institutional scenario where all data (including e-mails) are held on shared, central servers, as opposed to locally on users' desktops. This is so that data are backed up properly, as users cannot be trusted.

There are three potential attack vectors IMO:

1. The mailserver itself.
2. The mailserver backups (frequently stored under far less security than the server room)
3. The e-mail account that is the target.

1 & 2 are where the FEDs would go, or criminals after ALL e-mails.

3 is the Sarah Palin (and dozens of others) scenario.

To access someone's live e-mail account you need:

1. Their UserID.
2. Their password.
3. Access to the mailserver their account is on.

In the scenario that you describe, #1 is a no-brainer because his ID will be on the internal e-mail directory.

Similarly #3 should not be a problem as your protagonist should have the same access rights as the target.

That just leaves obtaining their password..............AND (presumably?) avoiding detection.

A lot would depend on the type of government department we are talking about here, and what their security policies happen to be.

A few more background questions:

1. Is this e-mail on a "secure" network or one you can surf the net with?
2. Are we talking about desktops or laptops?
3. Can authorised employees access their e-mail accounts remotely or must they be on site?

Last edited by nihil; January 5th, 2012 at 06:27 PM.


Brilliant information, Nihil. Just the sort of thing I'm looking for. And, yes, he needs to avoid detection so I guess he can't just open the account (if he has the password) and look?

As for your 3 questions:

1) Probably one where they can surf, claiming the need to research, etc.
2) Could be either, but in 2007 I guess there is a tendency to use a laptop and take it everywhere - can do whatever is best - the joys of fiction.
3) I would say almost certainly the top brass will want to access their email from anywhere.